OLD | NEW |
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "extensions/common/permissions/permissions_data.h" | 5 #include "extensions/common/permissions/permissions_data.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 #include <utility> | 8 #include <utility> |
9 | 9 |
10 #include "base/command_line.h" | 10 #include "base/command_line.h" |
(...skipping 262 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
273 base::AutoLock auto_lock(runtime_lock_); | 273 base::AutoLock auto_lock(runtime_lock_); |
274 URLPatternSet effective_hosts = active_permissions_unsafe_->effective_hosts(); | 274 URLPatternSet effective_hosts = active_permissions_unsafe_->effective_hosts(); |
275 for (const auto& val : tab_specific_permissions_) | 275 for (const auto& val : tab_specific_permissions_) |
276 effective_hosts.AddPatterns(val.second->effective_hosts()); | 276 effective_hosts.AddPatterns(val.second->effective_hosts()); |
277 return effective_hosts; | 277 return effective_hosts; |
278 } | 278 } |
279 | 279 |
280 bool PermissionsData::HasHostPermission(const GURL& url) const { | 280 bool PermissionsData::HasHostPermission(const GURL& url) const { |
281 base::AutoLock auto_lock(runtime_lock_); | 281 base::AutoLock auto_lock(runtime_lock_); |
282 return active_permissions_unsafe_->HasExplicitAccessToOrigin(url) && | 282 return active_permissions_unsafe_->HasExplicitAccessToOrigin(url) && |
283 !IsRuntimeBlockedHost(url); | 283 !IsRuntimeBlockedHostUnsafe(url); |
284 } | 284 } |
285 | 285 |
286 bool PermissionsData::HasEffectiveAccessToAllHosts() const { | 286 bool PermissionsData::HasEffectiveAccessToAllHosts() const { |
287 base::AutoLock auto_lock(runtime_lock_); | 287 base::AutoLock auto_lock(runtime_lock_); |
288 return active_permissions_unsafe_->HasEffectiveAccessToAllHosts(); | 288 return active_permissions_unsafe_->HasEffectiveAccessToAllHosts(); |
289 } | 289 } |
290 | 290 |
291 PermissionMessages PermissionsData::GetPermissionMessages() const { | 291 PermissionMessages PermissionsData::GetPermissionMessages() const { |
292 base::AutoLock auto_lock(runtime_lock_); | 292 base::AutoLock auto_lock(runtime_lock_); |
293 return PermissionMessageProvider::Get()->GetPermissionMessages( | 293 return PermissionMessageProvider::Get()->GetPermissionMessages( |
(...skipping 111 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
405 if (tab_id >= 0) { | 405 if (tab_id >= 0) { |
406 const PermissionSet* tab_permissions = GetTabSpecificPermissions(tab_id); | 406 const PermissionSet* tab_permissions = GetTabSpecificPermissions(tab_id); |
407 if (tab_permissions && | 407 if (tab_permissions && |
408 tab_permissions->explicit_hosts().MatchesSecurityOrigin(url)) { | 408 tab_permissions->explicit_hosts().MatchesSecurityOrigin(url)) { |
409 return true; | 409 return true; |
410 } | 410 } |
411 } | 411 } |
412 return false; | 412 return false; |
413 } | 413 } |
414 | 414 |
415 bool PermissionsData::IsRuntimeBlockedHost(const GURL& url) const { | 415 bool PermissionsData::IsRuntimeBlockedHostUnsafe(const GURL& url) const { |
416 runtime_lock_.AssertAcquired(); | 416 runtime_lock_.AssertAcquired(); |
417 return PolicyBlockedHostsUnsafe().MatchesURL(url) && | 417 return PolicyBlockedHostsUnsafe().MatchesURL(url) && |
418 !PolicyAllowedHostsUnsafe().MatchesURL(url); | 418 !PolicyAllowedHostsUnsafe().MatchesURL(url); |
419 } | 419 } |
420 | 420 |
421 PermissionsData::AccessType PermissionsData::CanRunOnPage( | 421 PermissionsData::AccessType PermissionsData::CanRunOnPage( |
422 const Extension* extension, | 422 const Extension* extension, |
423 const GURL& document_url, | 423 const GURL& document_url, |
424 int tab_id, | 424 int tab_id, |
425 const URLPatternSet& permitted_url_patterns, | 425 const URLPatternSet& permitted_url_patterns, |
426 const URLPatternSet& withheld_url_patterns, | 426 const URLPatternSet& withheld_url_patterns, |
427 std::string* error) const { | 427 std::string* error) const { |
428 runtime_lock_.AssertAcquired(); | 428 runtime_lock_.AssertAcquired(); |
429 if (g_policy_delegate && !g_policy_delegate->CanExecuteScriptOnPage( | 429 if (g_policy_delegate && !g_policy_delegate->CanExecuteScriptOnPage( |
430 extension, document_url, tab_id, error)) | 430 extension, document_url, tab_id, error)) |
431 return ACCESS_DENIED; | 431 return ACCESS_DENIED; |
432 | 432 |
433 if (extension->location() != Manifest::COMPONENT && | 433 if (extension->location() != Manifest::COMPONENT && |
434 extension->permissions_data()->IsRuntimeBlockedHost(document_url)) { | 434 extension->permissions_data()->IsRuntimeBlockedHostUnsafe(document_url)) { |
435 if (error) | 435 if (error) |
436 *error = extension_misc::kPolicyBlockedScripting; | 436 *error = extension_misc::kPolicyBlockedScripting; |
437 return ACCESS_DENIED; | 437 return ACCESS_DENIED; |
438 } | 438 } |
439 | 439 |
440 if (IsRestrictedUrl(document_url, extension, error)) | 440 if (IsRestrictedUrl(document_url, extension, error)) |
441 return ACCESS_DENIED; | 441 return ACCESS_DENIED; |
442 | 442 |
443 if (HasTabSpecificPermissionToExecuteScript(tab_id, document_url)) | 443 if (HasTabSpecificPermissionToExecuteScript(tab_id, document_url)) |
444 return ACCESS_ALLOWED; | 444 return ACCESS_ALLOWED; |
(...skipping 11 matching lines...) Expand all Loading... |
456 manifest_errors::kCannotAccessPageWithUrl, document_url.spec()); | 456 manifest_errors::kCannotAccessPageWithUrl, document_url.spec()); |
457 } else { | 457 } else { |
458 *error = manifest_errors::kCannotAccessPage; | 458 *error = manifest_errors::kCannotAccessPage; |
459 } | 459 } |
460 } | 460 } |
461 | 461 |
462 return ACCESS_DENIED; | 462 return ACCESS_DENIED; |
463 } | 463 } |
464 | 464 |
465 } // namespace extensions | 465 } // namespace extensions |
OLD | NEW |